What am I missing?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

What am I missing?

Michael Segel
I have two mail servers.
One is an older release of Postfix and I’m building a replacement for that server.

I did a test where I sent the same message to both servers.

In /etc/var/maillog on the one server, when the incoming message is being delivered, I see the hostname connect.
On the new server, I see unknown connected.

Both have DNS set up the same.

So what is happening during the initial connection? Why is one able to capture the hostname, and the other is not?
Where should I be looking in the logs or services to be running? Or ports to be open on my firewall?

One of the differences between the two servers is that on the second server I am trying to set up email for virtual users where I have followed some instructions using dovecot and MariaDB (mySQL).  Bellow is part of the logs in the new server which isn’t happening on the old server.  Maybe I mucked up something?  Ok, I know I mucked something up.

Thx

-Mike

Apr 24 18:47:09 stealth postfix/smtpd[7716]: name_mask: all
Apr 24 18:47:09 stealth postfix/smtpd[7716]: inet_addr_local: configured 3 IPv4 addresses
Apr 24 18:47:09 stealth postfix/smtpd[7716]: inet_addr_local: configured 3 IPv6 addresses
Apr 24 18:47:09 stealth postfix/smtpd[7716]: process generation: 30 (30)
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: mynetworks ~? debug_peer_list
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: mynetworks ~? fast_flush_domains
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: mynetworks ~? mynetworks
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: relay_domains ~? debug_peer_list
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: relay_domains ~? fast_flush_domains
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: relay_domains ~? mynetworks
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: relay_domains ~? permit_mx_backup_networks
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: relay_domains ~? qmqpd_authorized_clients
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: relay_domains ~? relay_domains
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: permit_mx_backup_networks ~? debug_peer_list
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: permit_mx_backup_networks ~? fast_flush_domains
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: permit_mx_backup_networks ~? mynetworks
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: permit_mx_backup_networks ~? permit_mx_backup_networks
Apr 24 18:47:09 stealth postfix/smtpd[7716]: connect to subsystem private/proxymap
Apr 24 18:47:09 stealth postfix/smtpd[7716]: send attr request = open
Apr 24 18:47:09 stealth postfix/smtpd[7716]: send attr table = unix:passwd.byname
Apr 24 18:47:09 stealth postfix/smtpd[7716]: send attr flags = 0
Apr 24 18:47:09 stealth postfix/smtpd[7716]: private/proxymap socket: wanted attribute: status
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute name: status
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute value: 0
Apr 24 18:47:09 stealth postfix/smtpd[7716]: private/proxymap socket: wanted attribute: flags
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute name: flags
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute value: 16
Apr 24 18:47:09 stealth postfix/smtpd[7716]: private/proxymap socket: wanted attribute: (list terminator)
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute name: (end)
Apr 24 18:47:09 stealth postfix/smtpd[7716]: dict_proxy_open: connect to map=unix:passwd.byname status=0 server_flags=fixed
Apr 24 18:47:09 stealth postfix/smtpd[7716]: dict_open: proxy:unix:passwd.byname
Apr 24 18:47:09 stealth postfix/smtpd[7716]: Compiled against Berkeley DB: 5.3.21?
Apr 24 18:47:09 stealth postfix/smtpd[7716]: Run-time linked against Berkeley DB: 5.3.21?
Apr 24 18:47:09 stealth postfix/smtpd[7716]: dict_open: hash:/etc/aliases
Apr 24 18:47:09 stealth postfix/smtpd[7716]: send attr request = open
Apr 24 18:47:09 stealth postfix/smtpd[7716]: send attr table = mysql:/etc/postfix/mysql-virtual_forwardings.cf
Apr 24 18:47:09 stealth postfix/smtpd[7716]: send attr flags = 0
Apr 24 18:47:09 stealth postfix/smtpd[7716]: private/proxymap socket: wanted attribute: status
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute name: status
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute value: 0
Apr 24 18:47:09 stealth postfix/smtpd[7716]: private/proxymap socket: wanted attribute: flags
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute name: flags
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute value: 16
Apr 24 18:47:09 stealth postfix/smtpd[7716]: private/proxymap socket: wanted attribute: (list terminator)
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute name: (end)
Apr 24 18:47:09 stealth postfix/smtpd[7716]: dict_proxy_open: connect to map=mysql:/etc/postfix/mysql-virtual_forwardings.cf status=0 server_flags=fixed
Apr 24 18:47:09 stealth postfix/smtpd[7716]: dict_open: proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf
Apr 24 18:47:09 stealth postfix/smtpd[7716]: cfg_get_str: /etc/postfix/mysql-virtual_email2email.cf: user = <USER>
Apr 24 18:47:09 stealth postfix/smtpd[7716]: cfg_get_str: /etc/postfix/mysql-virtual_email2email.cf: password = <PASSWORD>
Apr 24 18:47:09 stealth postfix/smtpd[7716]: cfg_get_str: /etc/postfix/mysql-virtual_email2email.cf: dbname = mail
Apr 24 18:47:09 stealth postfix/smtpd[7716]: cfg_get_str: /etc/postfix/mysql-virtual_email2email.cf: result_format = %s
Apr 24 18:47:09 stealth postfix/smtpd[7716]: cfg_get_int: /etc/postfix/mysql-virtual_email2email.cf: expansion_limit = 0
Apr 24 18:47:09 stealth postfix/smtpd[7716]: cfg_get_str: /etc/postfix/mysql-virtual_email2email.cf: query = SELECT email FROM users WHERE email='%s'
Apr 24 18:47:09 stealth postfix/smtpd[7716]: cfg_get_str: /etc/postfix/mysql-virtual_email2email.cf: domain =
Apr 24 18:47:09 stealth postfix/smtpd[7716]: cfg_get_str: /etc/postfix/mysql-virtual_email2email.cf: hosts = 127.0.0.1
Apr 24 18:47:09 stealth postfix/smtpd[7716]: dict_open: mysql:/etc/postfix/mysql-virtual_email2email.cf
Apr 24 18:47:09 stealth postfix/smtpd[7716]: send attr request = open
Apr 24 18:47:09 stealth postfix/smtpd[7716]: send attr table = mysql:/etc/postfix/mysql-virtual_mailboxes.cf
Apr 24 18:47:09 stealth postfix/smtpd[7716]: send attr flags = 0
Apr 24 18:47:09 stealth postfix/smtpd[7716]: private/proxymap socket: wanted attribute: status
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute name: status
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute value: 0
Apr 24 18:47:09 stealth postfix/smtpd[7716]: private/proxymap socket: wanted attribute: flags
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute name: flags
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute value: 16
Apr 24 18:47:09 stealth postfix/smtpd[7716]: private/proxymap socket: wanted attribute: (list terminator)
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute name: (end)
Apr 24 18:47:09 stealth postfix/smtpd[7716]: dict_proxy_open: connect to map=mysql:/etc/postfix/mysql-virtual_mailboxes.cf status=0 server_flags=fixed
Apr 24 18:47:09 stealth postfix/smtpd[7716]: dict_open: proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: smtpd_access_maps ~? debug_peer_list
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: smtpd_access_maps ~? fast_flush_domains
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: smtpd_access_maps ~? mynetworks
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: smtpd_access_maps ~? permit_mx_backup_networks
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: smtpd_access_maps ~? qmqpd_authorized_clients
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: smtpd_access_maps ~? relay_domains
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: smtpd_access_maps ~? smtpd_access_maps
Apr 24 18:47:09 stealth postfix/smtpd[7716]: unknown_helo_hostname_tempfail_action = defer_if_permit
Apr 24 18:47:09 stealth postfix/smtpd[7716]: unknown_address_tempfail_action = defer_if_permit
Apr 24 18:47:09 stealth postfix/smtpd[7716]: unverified_recipient_tempfail_action = defer_if_permit
Apr 24 18:47:09 stealth postfix/smtpd[7716]: unverified_sender_tempfail_action = defer_if_permit
Apr 24 18:47:09 stealth postfix/smtpd[7716]: name_mask: 2
Apr 24 18:47:09 stealth postfix/smtpd[7716]: initializing the server-side TLS engine
Apr 24 18:47:09 stealth postfix/smtpd[7716]: auto_clnt_create: transport=local endpoint=private/tlsmgr
Apr 24 18:47:09 stealth postfix/smtpd[7716]: auto_clnt_open: connected to private/tlsmgr
Apr 24 18:47:09 stealth postfix/smtpd[7716]: send attr request = seed
Apr 24 18:47:09 stealth postfix/smtpd[7716]: send attr size = 32
Apr 24 18:47:09 stealth postfix/smtpd[7716]: private/tlsmgr: wanted attribute: status
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute name: status
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute value: 0
Apr 24 18:47:09 stealth postfix/smtpd[7716]: private/tlsmgr: wanted attribute: seed
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute name: seed
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute value: <SEED VALUE>
Apr 24 18:47:09 stealth postfix/smtpd[7716]: private/tlsmgr: wanted attribute: (list terminator)
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute name: (end)
Apr 24 18:47:09 stealth postfix/smtpd[7716]: send attr request = policy
Apr 24 18:47:09 stealth postfix/smtpd[7716]: send attr cache_type = smtpd
Apr 24 18:47:09 stealth postfix/smtpd[7716]: private/tlsmgr: wanted attribute: status
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute name: status
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute value: 0
Apr 24 18:47:09 stealth postfix/smtpd[7716]: private/tlsmgr: wanted attribute: cachable
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute name: cachable
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute value: 0
Apr 24 18:47:09 stealth postfix/smtpd[7716]: private/tlsmgr: wanted attribute: (list terminator)
Apr 24 18:47:09 stealth postfix/smtpd[7716]: input attribute name: (end)
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: fast_flush_domains ~? debug_peer_list
Apr 24 18:47:09 stealth postfix/smtpd[7716]: match_string: fast_flush_domains ~? fast_flush_domains
Apr 24 18:47:09 stealth postfix/smtpd[7716]: auto_clnt_create: transport=local endpoint=private/anvil
Apr 24 18:47:09 stealth postfix/smtpd[7716]: connection established
Apr 24 18:47:09 stealth postfix/smtpd[7716]: master_notify: status 0
Apr 24 18:47:09 stealth postfix/smtpd[7716]: name_mask: resource
Apr 24 18:47:09 stealth postfix/smtpd[7716]: name_mask: software
Apr 24 18:47:09 stealth postfix/smtpd[7716]: connect from unknown[104.47.32.116]
Reply | Threaded
Open this post in threaded view
|

Re: What am I missing?

Noel Jones-2
On 4/25/2017 7:36 AM, Michael Segel wrote:

> I have two mail servers.
> One is an older release of Postfix and I’m building a replacement for that server.
>
> I did a test where I sent the same message to both servers.
>
> In /etc/var/maillog on the one server, when the incoming message is being delivered, I see the hostname connect.
> On the new server, I see unknown connected.
>
> Both have DNS set up the same.
>
> So what is happening during the initial connection? Why is one able to capture the hostname, and the other is not?
> Where should I be looking in the logs or services to be running? Or ports to be open on my firewall?
>
> One of the differences between the two servers is that on the second server I am trying to set up email for virtual users where I have followed some instructions using dovecot and MariaDB (mySQL).  Bellow is part of the logs in the new server which isn’t happening on the old server.  Maybe I mucked up something?  Ok, I know I mucked something up.
>
> Thx
>
> -Mike

Turn off debug logging.  Normal logs are sufficient.
Turn off chroot.  Maybe your chroot environment is incomplete,
preventing DNS from working correctly.
http://www.postfix.org/DEBUG_README.html#no_chroot

If you need more help, please see:
http://www.postfix.org/DEBUG_README.html#mail




  -- Noel Jones

Reply | Threaded
Open this post in threaded view
|

Re: What am I missing?

Michael Segel
FSCK ME! 

Yeah, that solved the issue. 

So… why would that cause the issue? 

Normally I’d leave this to the experts while I focus on my day job, but since this is my SOHO domain, I have to ask these questions which of course 3 months from now, I’ll forget and have to do it all over again. 
Do I want to eventually run this with chroot? 

Thanks again to everyone. 

-Mike

On Apr 25, 2017, at 8:41 AM, Noel Jones <[hidden email]> wrote:

On 4/25/2017 7:36 AM, Michael Segel wrote:
I have two mail servers. 
One is an older release of Postfix and I’m building a replacement for that server. 

I did a test where I sent the same message to both servers. 

In /etc/var/maillog on the one server, when the incoming message is being delivered, I see the hostname connect. 
On the new server, I see unknown connected. 

Both have DNS set up the same. 

So what is happening during the initial connection? Why is one able to capture the hostname, and the other is not? 
Where should I be looking in the logs or services to be running? Or ports to be open on my firewall? 

One of the differences between the two servers is that on the second server I am trying to set up email for virtual users where I have followed some instructions using dovecot and MariaDB (mySQL).  Bellow is part of the logs in the new server which isn’t happening on the old server.  Maybe I mucked up something?  Ok, I know I mucked something up. 

Thx 

-Mike

Turn off debug logging.  Normal logs are sufficient.
Turn off chroot.  Maybe your chroot environment is incomplete,
preventing DNS from working correctly.
http://www.postfix.org/DEBUG_README.html#no_chroot

If you need more help, please see:
http://www.postfix.org/DEBUG_README.html#mail




 -- Noel Jones

Reply | Threaded
Open this post in threaded view
|

Re: What am I missing?

Viktor Dukhovni
On Tue, Apr 25, 2017 at 04:06:04PM +0000, Michael Segel wrote:

> Normally I�d leave this to the experts while I focus on my day job, but
> since this is my SOHO domain, I have to ask these questions which of course
> 3 months from now, I�ll forget and have to do it all over again.
> Do I want to eventually run this with chroot?

In simplest terms:

    * The Postfix chroot support is for experts.
    * You've said you're not an expert.

Therefore, you shouldn't use Postfix chroot support.  The fact that
Debian/Ubuntu enable chroot in Postfix by default is an unfortunate
historical accident.  It is likely difficult to make an incompatible
change, even though for many users the default chrooted configuration
creates an obstacle to successful deployment.

--
        Viktor.